discordrat | 6b6c92ccb9752329a838ad2a79484bc1bb83e94fb997712808108340bb3617c9 | Triage

Sharing

General

Target

Roblox nice wallpaper PC 4K‮gpj.exe
Size

525KB
Sample

240830-yg8y7ashmj
MD5

614716c4f52130c13f4a8b8f245ae85f
SHA1

6375084924bbe5d378a9f36944224b03ae20d503
SHA256

6b6c92ccb9752329a838ad2a79484bc1bb83e94fb997712808108340bb3617c9
SHA512

583635f6fa7d7b23ed7fc7bbbe41e697b56ce6ef931f953ab603b31bb81f1b6ac510caf17a886eec6db69c206f405116ab5d757365d0a4aa0be73dd8fe213622
SSDEEP

12288:jyveQB/fTHIGaPkKEYzURNAwbAg8Bhd8/APuf+qQ+:juDXTIGaPhEYzUzA0qS/APuf+qQ+

Score

10^/10

discordrat persistence rat rootkit stealer

Malware Config

Extracted

Family

discordrat

Attributes

discord_token
MTI3NjIwMDE1NTc2MjM5NzI5Nw.Gf_BR-.jnyabVpo-_wlglvaEtXc_eHkRrFGBBqCy_X7zg
server_id
1276200065106579466

Targets

- Target
  
  Roblox nice wallpaper PC 4K‮gpj.exe
- Size
  
  525KB
- MD5
  
  614716c4f52130c13f4a8b8f245ae85f
- SHA1
  
  6375084924bbe5d378a9f36944224b03ae20d503
- SHA256
  
  6b6c92ccb9752329a838ad2a79484bc1bb83e94fb997712808108340bb3617c9
- SHA512
  
  583635f6fa7d7b23ed7fc7bbbe41e697b56ce6ef931f953ab603b31bb81f1b6ac510caf17a886eec6db69c206f405116ab5d757365d0a4aa0be73dd8fe213622
- SSDEEP
  
  12288:jyveQB/fTHIGaPkKEYzURNAwbAg8Bhd8/APuf+qQ+:juDXTIGaPhEYzUzA0qS/APuf+qQ+
Score

10^/10

discordrat persistence rat rootkit stealer
- Discord RAT
  A RAT written in C# using Discord as a C2.
  stealer rootkit rat persistence discordrat
- Executes dropped EXE
- Legitimate hosting services abused for malware hosting/C2
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

discordratpersistenceratrootkitstealer